Reducing Cybersecurity Risk for Remote Workers: An Ultimate Guide

The Remote Workplace Cybersecurity Environment

It’s spring 2020, a rather busy time from a cybersecurity point of view:

• Threat actors found and developed new ways to infect mobile devices.
• Suppliers of advanced ransomware added a second, more malicious level to the exploit’s basic extortion.
• In their haste to move workers to the cloud, organizations exposed misconfigured or unprotected assets to the internet.

As spring 2020 progressed, more and more people got sick from a new pathogen. And the total number of data breaches, IP theft, and cyber-scams exploded.

Midway through March, many office workers were sent home to work indefinitely. Before we could catch our breath, we were doing everyday work in an unfamiliar workplace.

A recent Crowdstrike study of its customers showed more cyberattacks in the first six months of 2020 than in 2019. (That’s 41,000 in January through June 2020 compared to about 35,000 in 2019.)

Why? Because remote workers were—and are—easy targets.

The security risk of remote workplaces is nothing new. Modest at-home security operations are exposed to increasingly skilled and brazen cyber crooks without layers of corporate security protection. But the pandemic accelerated this trend.

Cybersecurity: The View from the Dining Room Table

We’ve designed this guide to provide an up-to-date picture of remote workspace security and what remote workers must do to reduce cybercrime’s business and technology risk. We’ve chosen the details to help you decide whether and how to invest time, tools, and effort in your small office security tasks.

What’s happening to the cyberattack threat landscape?

In a 2020 Skybox report of 295 enterprise organizations, 73 percent of security and IT executives surveyed mentioned their concerns of threats created by their distributed remote workforce. That’s why work at home in 2021 is the #1 focus of endpoint cyberattacks.

Remote work operations will continue to present unique and appealing opportunities for cyberattackers. (Think of ransomware and spear-phishing.) So, securing remote workers will become a significant focus for surveyed organizations.

What’s causing the changes in threat and risk profiles?

The juicy opportunities to attack remote workplaces come from several sources:

• A larger attack surface expanded as workers moved from office to home.
• Poorly secured personal devices and home routers.
• In the future, expect…
• An uptick in insider threats
• A major increase in spear-phishing attacks in 2021 due to automation.
• Continued migration of business processes to the public, private, or hybrid cloud. Dependence on cloud-based and new software technologies and services.
• Remote workers in a hurry.
• Transfer of sensitive information over unsecured or unsanctioned channels.

More recently, 36 percent of security managers said they experienced an increased volume of security vulnerabilities due to remote work.

In the future, expect…

• An uptick in insider threats
• A major increase in spear phishing attacks in 2021 due to automation.
• Continued migration of business processes to the public, private, or hybrid cloud.

How to Use this Guide

We wrote this guide to help remote corporate workers, consultants, and other independent professionals to:

• Recognize and avoid potential security risks.
• Use tools and practices that can maximize remote office security.
• Review the security practices, tools, and mindset that lower risk in remote offices.

We’ll guide you through these tasks in the following sections.

Promoting User Awareness and Best Practices

Sometimes, if we had a dollar for every time we hear “Don’t share your passwords,” we’d all be millionaires. When it’s time to battle cyberattacks, hardware and software are the tools that we usually remember.

It’s easy to roll our eyes at “good security hygiene.” But there’s a reason why security awareness is critical at remote workplaces.

Cybercrooks depend on our more casual attitude about working from home. After all, the bad guys concentrate on corporate networks, where the pickings are numerous and juicy, right?

Well, maybe.

Lately, this trend has been changing. Your remote operations have a direct connection to your organization’s data resources. It takes only instant inattention to let unauthorized users enter your home-based system. After that, it’s off to the races and your organization’s data riches.

Watch for These Cybersecurity Threats

If we have a new cybersecurity “normal,” it would be a distributed hybrid workforce.

In organizations with a DHW, one or more employees work in different physical locations. This could be in the office, home, or public workspaces.

Unfortunately, this workplace structure expands the overall threat landscape. After all, the threat landscape expands wherever we work. So, protecting data and IT infrastructure becomes more complex and challenging.

When you set up your remote work operations, don’t be surprised at the number and variety of items you must be aware of daily.

Suppose this sounds like a bit too much to handle; no worries! Most of these “management” tasks require awareness and the development of good habits.

But understanding involves recognizing potential threats and vulnerabilities. Here’s the lineup of the most worrisome threats to remote workers.

Insider Threats

For most companies, malicious intruders are not always the proverbial cyber attackers. Many remote security problems will have the exact cause as in pre-pandemic days—other employees.

If there is any good news here, these threats are easier to find and manage than those created by strangers.

IBM estimates that human error causes nearly a quarter of all data breaches.

Employees often accidentally compromise company data through poor security practices and technology.

Employees sometimes take advantage of the higher security risk in remote work environments by acting maliciously and stealing company data for profit, retribution, or fun.

Unfortunately, insiders-as-a-service attacks have already made their appearance on the dark web.

Open networks

Realistically, working from “home” can mean working from anywhere other than the office. To cyber attackers, “open” means open season on any unwary remote worker with an unprotected data pipeline to their system’s computer and their organization’s network. We don’t think twice about hopping onto open systems, but we should.

These attacks usually go undetected because they occur at a network infrastructure layer that security software solutions can’t detect. That’s why these attacks are so dangerous.

REMINDER

Connecting to a manipulated Wi-Fi source just once can provide bad actors with access to your organization’s network.

Spoofed peripherals (rogue devices)

Think of all the peripherals you use in a day’s work: keyboards, wireless and connected mice, USB drives, chargers, etc. Cyberattackers are making peripherals their attack tools of choice. Their ultimate targets are almost always humans, unsuspecting users like you.

More remote workplaces mean more remote peripherals and a higher risk of an attack. Compromised peripherals become rogue devices. They perform their regular duties and harmful behavior directed by malicious intruders.

Your system is unlikely to notice rogue devices, which can cause damage to your operations. Your peripherals look and act as you expect them to. They provide the standard identifiers, which your computer will recognize as legitimate. Don’t expect security alarms or notifications when rogue device attacks occur.

Man-in-the-middle attacks

Man-in-the-middle (MitM) attacks—and the damage they do—have been the topic of headlines for years. But hackers, especially those who target mobile devices, are becoming more versatile and using more sophisticated methods.

In these attacks, intruders search for and secretly enter the private communications of a message sender and receiver. Neither party of the communication knows that an intruder has entered the data flow and has perhaps changed the transmission.

Malware

Malware—the name says it all. We’re talking about bad software, which can deliver harm in many ways. The outcome depends on its code.

Ransomware. This malicious program blocks access to your device until you pay a fee to its creator. This exploit is expensive and difficult to remove. In April 2020, Coveware reported a jump in average ransomware payments to more than $111,000, a 33-percent increase over the previous quarter.

Since the start of the pandemic, ransomware has been more than malicious. Now, it’s deadly. In a September 2020 incident, ransomware played a part in the death of a patient in Germany.

Data breaches. Do you want to steal customer, patient, or employee data? Or maybe some juicy intellectual property? Just inject malware into a computer or device at a specific layer of an organization’s network infrastructure. Then, cruise your way through their network.

Loss of network function. If data breaches aren’t to your taste, how about bringing a website’s operations to a halt? In a distributed denial of service (DDoS) attack, malware will infect and overload servers with junk data until the servers can’t function.

These and other types of malware attacks are high-cost, high-impact events. They can affect customer loyalty and company revenue, costs, and reputation.

As any victim of a malware attack will tell you, these long-term effects are expensive and damaging enough to warrant protective and defensive security measures.

Mouse/keyboard emulation

Some versatile hardware devices can act as a mouse or a keyboard. Essentially, these devices can behave like a human and click links that cause the installation of malware, for example.

If malicious actors penetrate a system that uses these devices, they can trigger commands remotely and cause a wide range of damage.

Best Practices that Counteract Security Threats

Companies have spent significant sums to secure their onsite IT infrastructure for years. Now that remote work is a long-term trend, organizations should make comparable offsite investments, too.

Every organization and remote worker can significantly reduce the risk of cyberattacks by developing good security habits and embracing defensive best practices.

Here are proven best practices that can form the foundation of solid cybersecurity protection.

Set up remote workplaces before you start work.

Often, remote workers forget this first-things-first recommendation. Yes, there is time and effort involved. But talk to anyone who has experienced a ransomware or phishing attack, and you’ll understand that the preparation is worth it.

Review your organization’s security policies and guidelines.

It does no harm to review your organization’s security dos and don’ts before you start remote work. Even if you’re familiar with the specifics, check them anyway. Something new might have been added.

Review your hardware and software tools.

Here are some items to check off your list. Your IT team or independent IT support specialist can check for these security-related gear, settings, and support tasks.

Here’s a list of the items that appear on lists of remote worker must-have tools:

• Multi-factor authentication
• Virtual private networks
• Real-time security monitoring
• Data and system backups
• Cybersecurity software (antivirus, antimalware, etc.)
• Employee monitoring software

Here are some questions that will help you reduce the security risk of your remote office:

• Does your remote office include all the hardware, software, and connectivity equipment you need to run a secure remote office?
• Has anyone reviewed your equipment’s security and configuration-related settings? Does anything need an update?
• Has the latest security software been added (patched) on your computer and devices?
• Does your organization have a patching schedule that would include your equipment?
• Does your equipment use the latest certificates and patching procedures?
• Have you set up a data and file backup method, schedule, and location?

Ask about security in the cloud.

Before the pandemic, many organizations and solo professionals moved their data and apps to hosted third-party services in the cloud. Constantly vigilant cybercrooks have noticed the opportunity for high-volume mayhem.

Now, they are paying more attention to workers who use cloud-based platforms and services. Ask the cloud operator who pays for data breaches or other security exploits if you run a solo operation.

After you set up and plan your security system, it’s time to secure your tools.

Protecting Your Remote System, 2021 Style

There have been significant changes in cybersecurity design in the past several years. The emphasis has changed from addressing vulnerabilities (adding and monitoring network components such as firewalls) to reducing the odds of damage to your system.

Here is the latest how-to information, designed to help you keep your equipment safe and your data private.

Establishing and Following Data Security Policies

Using company-issued technology to access data and networks in offsite work environments is a safer, less risky way to keep remote data safe and private. In fact, following standard security rules and practices is your best bet for building an effective remote security system.

Securing accounts

More than a third of your colleagues never update their account data. Billions of login credentials have been compromised in the past several years, so this is an apparent vulnerability that can be protected relatively quickly.

Protecting files and data. There are several ways to thwart ransomware specialists and keep other malicious parties out of your information and data. You can summarize the method as “Don’t make it easy for the bad guys.”

• Gather, copy, and transfer files and data, often and consistently. The idea is to update your information and transfer it in a fast, frequent, and reliable process.
• Keeping copies of files and data out of reach. A convenient and cost-effective way is to back up data in the cloud. A UBS device (thumb drive) works well for smaller operations. But avoid any internet connections between your data store and your system!

Updating account passwords. Computer and mobile device users are probably sick of hearing about passwords. But there’s a good reason why the subject is repeated repeatedly. Ensuring all accounts are protected with strong passwords is more important than ever.

Prompting employees to update account passwords regularly can keep bad actors out of remote files and emails. Many organizations use helpful software that uses simple, on-screen prompts to reduce the risk of intruders, IP theft, or data breaches.

Using advanced authentication methods. New technology contributes to the cybersecurity effort. Familiar security features such as two-factor authentication make it harder for bad actors to access networks and data stores.

Biometric measures—facial recognition, retina scans, and fingerprints—have been available for several years now but slowly increasing in usage.

Absorbing all the security training in sight

Most people want to be a part of the data security solution. Learning to manage data carefully, identify phishing scams and other exploits, and often protect your accounts will ensure that you become a defensive asset.

Taking responsibility for a secure home system

This is the biggie, the most important item on your system security to-do list. You might have a remote office. But you must keep your home office system and organization network free of cyberattack entry points. That means:

• Recognizing new security exploits and cyberattacks. Learn how to recognize and avoid phishing and ransomware attacks. They’ve become more sophisticated and harmful than ever.
• Avoiding attacks enabled by human nature. We all lose attention now and then and love convenience. That makes sharing passwords, using passwords in several accounts, and losing track of regular security checks all too easy. Password management software and periodic IT service provider checks remove the time and aggravation of security maintenance. Use these essential services as part of a regular security routine.

From best practices to hardware: Here’s how to keep your system tools and appliances safe.

Keeping Hardware Systems Safe

Individuals and organizations typically think of software as the cause of spectacular data breaches and theft of sensitive employee or business data. This might be true in many cases. However, cyberattacks on hardware have also put their destructive fingerprint on exploits.

In 2018, Intel chips infected with Spectre and Meltdown malware threatened computers, servers, smartphones, and Internet of Things (IoT) appliances such as routers, TVs, and other intelligent devices.

The most significant potential damage came from its source. The vulnerability existed at the hardware level of the IT infrastructure. IT teams from user companies could not deploy patches without severely reducing chip processing speed.

Home routers

Your home router is possibly the most vulnerable path into your home and your company’s network as an IoT device. Why? Many people don’t change the password on their home router when it is first installed. Avoiding router-based attacks is easy:

• Take the router out of the box.
• Plug in the router and initialize it.
• Immediately change the password.
• Add the new information to your password manager. (You do have one … right?)
• Set up encryption on your router (See below.)

There’s one more thing you must do to secure your router. Set up the latest type of encryption. Until you do, all communications between your home office and work office are easy pickings for internet eavesdroppers. Here’s how to do it:

1. Ensure your wireless network router supports the WPA2 security protocol. (WPA is an acceptable but weaker protocol.)

If necessary:

• Go to your router manufacturer’s site.
• Search for the latest firmware.
• Download the firmware according to the instructions on the manufacturer’s website.

2. Apply compatible WPA2 settings on each WiFi device.
Choose the WPA2 encryption option and its related authentication information for each device.

Employee computers

Providing laptops for all employees can be costly, so many organizations rely on staff members using their own devices when they work from home. This practice creates one of the biggest risks of remote work. Why? Employee computers and devices often lack:

• Strong antivirus software, customized firewalls, automatic online backup tools, and best practices built into business networks.
• The ability to monitor malicious activity on the network.

These deficiencies raise the risk of malware finding its way onto devices and removing personal data and work-related information.

Employee mobile devices

If you must use your smartphone for work purposes, consider mobile device management (MDM) and mobile application management (MAM) software. These solutions can help you secure mobile devices and applications by using these security measures remotely:

• Data encryption
• Malware scans
• Wiping data on stolen devices.

Also, consider a mobile security solution, which can provide antivirus and endpoint detection and response capabilities for all your mobile devices.

Hardware firewalls

Dedicated firewalls create a barrier between employee devices and the Internet. They protect networks by closing communications ports on servers. This method helps prevent the entry of malicious programs and stops data loss from employee devices.

However, hardware firewalls require advanced IT knowledge to install, configure and set up. Also, they usually need a dedicated IT employee or department to monitor and manage after the installation.

If your organization sent you home to work remotely, your IT staff would probably have contacted you. If not, ask them what must be done to set up your firewall correctly.

Software that Keeps Cyber-Intruders Away

Software is becoming increasingly important because it takes over many formerly hardware functions. Here are the major software packages that keep your home office secure.

Wi-Fi connections

Wireless connections between your home office and your company’s network are a potential security weak spot. Malicious parties use and prowl around restaurants and other digital public places to spy on internet traffic and collect confidential information. (Confess, don’t you have a favorite coffee shop or public place that gets you out of the house?)

So, avoid working in places that don’t encrypt WiFi.

But even at home, you must protect your communications. You can operate a virtual private network (VPN). If that’s unavailable, follow these steps to avoid giving cyber intruders access to your system.

Check out our top list of the best VPNs for recommendations.

Whenever you begin remote work—or want to upgrade system security—follow these steps:

1. Open the Settings app on your computer, laptop, or tablet.
2. Access the Wi-Fi Connections settings.
3. Find your wireless network on the list of available networks.
4. Tap the network name or Info button to pull up the configuration properties.
5. Check the configuration for the security type. Your system should be using WPA2 (or less desirably) WPA.

Virtual private networks

VPNs are software programs that keep online data private and safe from breaches, IP theft, and malicious intrusion. VPNs are encryption-protected communications tunnels that whisk your data and communications from your computer to a secure server on the Internet.

You can use VPNs whenever you work outside your office: at home, in cafes, hotels, or airports. VPNs encrypt all your internet traffic, making it unreadable to anyone who intercepts it.

NOTE: VPNs are specialized security tools. They can prevent anyone from grabbing information in your communications. They can’t prevent data breaches or cyber mischief in your organization’s network.

Software firewalls

Software firewalls are installed on and protect individual computers or mobile devices. If your remote workplace includes several computers or peripherals, firewall software must be installed on each protected machine.

This needn’t be a problem, though. Software firewalls are already built into many OSs and peripherals. Just check with your IT team to see if they are installed, protecting vulnerable system components. Then, ensure that they are enabled wherever they exist in your system.

Antivirus software

Once touted as magic bullet protection, AVS is now regarded as one part of a secure home system. You must support AVS with well-configured installations and regular security software updates to keep your home office safe.

Advanced antivirus software can act as a second line of defense by detecting and blocking known malware. Even if malware finds its way into your system, antivirus software is designed to identify and stop it before damage can be done.

Encryption software

Ensure that your equipment uses up-to-date encryption tools when you communicate sensitive information with colleagues, organization partners, suppliers, and customers. It pays to have someone check that you have support for basic and more advanced security functions.

Basic security support. These tools check whether a legitimate certificate authority issued a security certificate or if it is fake. Most systems use quite a few certificates, so it’s best to have an IT team member or hired specialist.

More sophisticated detection and protection. It’s also good to check if your computer and devices have protection against more advanced mayhem caused by cyber attackers.

Just ask your organization’s IT team to check out your soon-to-be-remote gear. (They will probably do this automatically as part of your moving to a home office.)

If you run an independent operation, consider hiring an IT services specialist to give your system a thorough security check before you proceed.

Whoever you choose, your IT security specialist will look for and neutralize potential software vulnerabilities, such as:

• Transport layer security cipher suites and versions.
• SSL/TLS versions of network connections.
• Enforcing certificate roles.

Deploying environment monitoring software

A new development, employee monitoring software uses advanced, high-speed data analysis methods to provide critical insights into employee behavior within an organization’s network. If your organization is concerned about inside jobs or intruders, they might install this tool, which:

• Analyzes employee behavior patterns to identify threats before they occur.
• Restricts employee access to sensitive data.
• Blocks data theft.
• Provides digital forensic data to investigate and analyze data and files when an exploit occurs.

These checks are part of a more extensive process, including installing, configuring, and testing your security-related equipment.

Installing, Configuring, and Testing Security Resources

Usually, your organization’s IT staff will help you confirm that your system works, ideally before going remote. Independent professionals should also engage a specialist to complete these critical steps.

So, that’s it. You are now fully grounded in the basics of remote office security.

Summary and Conclusions

There are many details to keep track of, but you can master the remote office security manager role. Here are some recommendations to help you get started and keep going:

• Identify the steps of your move to a remote environment. Discover who is responsible for each step. Consider engaging an IT support services specialist if you run your office as an independent professional (freelancer or consultant).
• Learn about your organization’s cybersecurity policies. 
Some organizations lack policies that promote remote workforce security. You might already be familiar with your organization’s onsite security measures. Now, find out what your organization expects of remote workers like you.

Cyberattackers will take advantage of your relatively exposed position with pandemic-themed phishing attacks and scam campaigns.

• Stay informed about scams and other exploits trends. 
Continuing security education is necessary because scams and other exploits are more frequent and harmful.

  Before you start work, brush up on your security awareness. You’ll need it to recognize the latest threats and respond quickly if they occur.

• Set up and keep schedules for your remote operations tasks. Independent professionals: consider creating checklists or project management calendars to help you master the details. Check each item periodically to change a task or confirm its usefulness.
• Follow practices that support data security and privacy issues. 
You need to be educated and follow policies promoting data safety and employee privacy. Your organization’s cybersecurity policies exist for a reason. Learn to understand the “whys” of those policies. And then, be proud, knowing that you are part of the solution, not the problem.